Columbia University – Adaptive Defenses for Commodity Software through Virtual Application Partitioning
3.13 3.13.3 System and Communications Protection
https://cs.brown.edu/~vpk/papers/vap.ccs12.pdf
In this paper the authors propose virtually partitioning the execution of applications, and adapting the defenses being deployed based on the executing partition.
https://www.cs.cornell.edu/andru/papers/swift-sosp07.pdf
This abstract paper from Cornell introduces the Swift system, a way to write web applications that are secure by construction.
https://www.epa.gov/system/files/documents/2023-11/information_security_system_and_communications_protection_procedure.pdf
This example procedure from the EPS facilitates the implementation of security control requirements for the System and Communications Protection control family, as identified NIST SP 800-53.
https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_0/home?element=SC-2
This special publication from NIST provides guidance on application partitioning.
